How to renew invalid or expired eDirectory server certificates
This document (7013080) is provided subject to the disclaimer at the end of this document.
Server certificates are invalid or expired.
Repair default server cerificates.
- Login in iManager as Admin.
- Roles & Tasks | Novell Certificate Server | Repair Default Certificates
- Select the server(s) which will own the certificates and click Next
- Select Yes All Default Certificates will be overwritten and click Next
- Review the tasks to be performed and select Finish
Alternatively, you can do the following using a Linux server:
- iManager | View Objects | Manually delete the server's certificate objects from the TREE.
- From a terminal on the eDirectory Linux server:
ndsconfig upgrade -j
Note: The utility will detect the missing server certificates and re-create them.
Please note that the LDAP server will not pickup these new certificates until restarted with the following commands (Linux):
If there are problems accessing iManager on the eDirectory servers, please consider the steps provided in TID 7013239 - How to configure Workstation iManager on a Windows desktop for certificate administration.
Please see the preliminary steps to validate the CA from TID 7013047 - How to renew an expire Certificate Authority (CA)
If recreating certificates on an Open Enterprise Server (OES), please consider the coolsolution "Certificate Re-creation Script for OES1, OES2 and OES 11".
This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:7013080
- Creation Date:20-AUG-13
- Modified Date:16-AUG-16
Did this document solve your problem? Provide Feedback